The Top 5 Things You Should Know About the BSA’s 5th Pillar
While BSA’s Customer Due Diligence (often referred to as the “5th Pillar”) went into effect on May 11, 2018, our clients and friends still have a lot of questions floating around, so our team performed “post-mortems” from our most recent BSA Compliance Exams (both ours and those from regulatory examiners) and have compiled the top 5 things you need to know about the “5th Pillar.
1. Update Your Policy
Customer Due Diligence (or “CDD”) has always been embedded into the AML regulation, except now, the examiners expect CDD to be clearly written and identifiable within the BSA/AML Policy. In spite of the 5th Pillar requirements, many financial institutions have not yet added CDD requirements in their AML/BSA Policy and/or If not done yet, please update your policy/procedures before your next exam to include the following:
- Understanding the nature of your customer
- Overall purpose of CDD
- The customer’s “risk profile”
- I have seen this accomplished really well through a “getting to know you” questionnaire which documents the account purpose and the transaction types expected from the customer.
- Processes for monitoring customers to identify and report suspicious transactions, and
- Explain how you will identify high-risk customers and monitor their activity (presumably more monitoring than for low risk customers).
2. Two NEW Types of Beneficial Owners
You are now required to have written procedures explaining how you will identify the so called “beneficial owners,” of your commercial accounts, AND your teams must actually follow those procedures at the time of account opening (for now, existing accounts are grandfathered in until they apply for something new). (Get the Form). Beneficial ownership is defined as a “two prong” process and all beneficial owners must go through the standard CIP procedures.
- Prong #1: A business owner with at least a 25% ownership stake (unless the credit union sets a lower threshold).
- Prong #2: A single individual with significant responsibility (but not necessarily any ownership) to “control, manage, or direct” such as a CEO, CFO, COO, etc. is considered a beneficial owner.
You have to get both kinds of beneficial owners in your policy/procedures, and the your front-line staff MUST make an effort to obtain the required information.
CAUTION: Under the Fair Credit Reporting Act, you cannot run a consumer credit report on beneficial owners who are not signers on the business account without obtaining an affirmative consent to do so in advance (these regulations all intersect, don’t they?)
3. Work Together on 5th Pillar when Possible
Regulations allow you to collaborate and share information with respect to the beneficial ownership rules – IF:
- Your reliance is reasonable under the circumstances; and
- Your collaborating partner is also regulated by a Federal functional regulator; and
- The sharing financial institution annually certifies it meets all anti-money laundering.
HINT: This is particularly helpful for Loan Participations. Ask me why.
4. Also Update “Pillar 3”
When you updated your policy to address “Pillar 5”, your update should have included the new verbiage for “Pillar 3:” Designation of an individual responsible for coordinating and monitoring day-to-day compliance;
CAUTION: Examiners are now looking for a “back-up” person too; and questioning credentials and training of these designated personnel.
5. Strenuous Training Expectations
Examiners expect you to not only show proof that personnel have been trained, but also that they have retained the knowledge (pop quiz anyone?). We have witnessed examiners testing your teams’ BSA knowledge and sometimes the results have been embarrassing.
HINT: I always argue these tests should be open book – who can memorize everything, especially under pressure! Also to supplement this concern– the test results, if such records are produced and saved, provide evidence of knowledge retention.
And, perhaps most importantly, because this is all so new, we will not know exactly how the examiners will interpret these new regulations, nor how they will audit to these changes until the process begins and goes through a few cycles. We will, of course, be updating you all with our BSA 5th Pillar war stories and experiences as they continue to come in. If you want to make sure you are on the BSA exam update list, send me an email and I will make sure you are included.